EP2876571A1 - Procédé permettant d'authentifier un utilisateur en utilisant un code d'accès, terminal correspondant - Google Patents
Procédé permettant d'authentifier un utilisateur en utilisant un code d'accès, terminal correspondant Download PDFInfo
- Publication number
- EP2876571A1 EP2876571A1 EP13306617.5A EP13306617A EP2876571A1 EP 2876571 A1 EP2876571 A1 EP 2876571A1 EP 13306617 A EP13306617 A EP 13306617A EP 2876571 A1 EP2876571 A1 EP 2876571A1
- Authority
- EP
- European Patent Office
- Prior art keywords
- cells
- access code
- keypad
- terminal
- user
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Withdrawn
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/36—User authentication by graphic or iconic representation
Definitions
- the present invention generally relates to authentication processes to give access to a terminal or an application running on said terminal, notably used by different persons.
- Access codes are commonly used in the usual life. They might be required in an authentication mechanism for web-sites, mobile phones, etc., but can also be required to protect access to sensitive information located, for instance, on a remote server.
- access codes are made of several digits that a user shall successively enter through a dedicated application, thanks to a real or virtual keypad.
- a client terminal e.g. personal computer, a tablet, a smartphone, etc.
- a user can have to enter his(her) personal login into a dedicated window followed by his(her) personal access code at a virtual keypad appearing on the screen of the client terminal.
- the keypad is usually formed by a plurality of cells, each cell being identified by a figure, letter or any other character or the like.
- the present invention attempts to remedy at least the above mentioned drawback.
- the invention concerns a method for authenticating a user comprising the step of entering an access code at a keypad of a terminal, said keypad comprising a plurality of cells, which is remarkable in that said access code is defined by a succession of N combinations of M concurrently selections of cells, N and M being integers at least equal to 1 (and preferably at least equal to 2).
- the present invention provides an easy way of identifying and/or authenticating of a user without, preferably, using a login (even if the latter can also be used).
- the cells of the keypad are devoid of any sign or mark.
- said access code can further comprise at least one additional fake combination of cells.
- Such fake combination(s) can help to improve the security associated with the access code.
- said fake combination of cells can be inserted at a predetermined position amongst the N combinations of cells of said access code.
- the position of said fake combination of cells in said access code can also be undefined, to let the user choose where he/she wants to insert said fake combination.
- the cells of said fake combination can be advantageously undefined, so that a fake combination can be performed by a user by selecting any cell(s) of the keypad.
- the associated cells may vary between two distinct uses of the access code.
- the cells of the keypad are arranged in rows and columns to define a grid.
- the keypad comprises eight cells arranged in two rows and four columns.
- any other appropriated cells arrangements can be considered without departing from the present invention.
- the present invention also concerns a terminal adapted for authenticating a user by an access code, said terminal being equipped with a keypad (such as a virtual keypad or an hardware keypad) comprising a plurality of cells, characterized in that:
- the cells of the keypad are preferably devoid of any sign or mark.
- the access code can further comprise at least one additional fake combination of cells.
- said detector can further be configured for detecting said fake combination.
- the present invention also concerns a computer program product downloadable from a communication network and/or recorded on a medium readable by computer and/or executable by a processor, comprising program code instructions for implementing the steps of the method as previously mentioned.
- the present invention concerns a non-transitory program storage device, readable by a computer, tangibly embodying a program of instructions executable by the computer to perform the steps of the previously mentioned method.
- the present disclosure provides an identification and authentication method that is operative in a mobile computing terminal T (such as smartphone, a tablet, a laptop, etc.) comprising a display interface 1.
- a mobile computing terminal T such as smartphone, a tablet, a laptop, etc.
- said method might also be implemented in a fixed terminal (e.g. a personal computer).
- the method according to the present invention operates to provide a user an access to a given application through the terminal T without using a personal login. In this manner, the user can identify him(her)self and authenticate simultaneously.
- the mobile terminal T is a smartphone or a touchpad, or the like, which comprises:
- the identification and authentication method M according to the present invention is operative in the terminal T of Figure 1 .
- step S0 in order to both identify and authenticate a user wishing to use a given application stored on the terminal T and represented by a corresponding icon (not shown on the Figures) displayed on the touch screen 1, said user preliminary needs (step S0) to define him(her)self or to receive a personal access code.
- said personal access code is preferably composed of a succession of N combinations of M cells, N and M being integers at least equal to 1, and advantageously at least equal to 2. In case the user receives his(her) personal access code, the latter might have been automatically generated.
- step S1 said given application is launched, for instance upon a user action (e.g. a touch on the corresponding icon displayed on the touch screen 1).
- a user action e.g. a touch on the corresponding icon displayed on the touch screen 1).
- a virtual keypad K appears on the touch screen 1 as represented on Figure 3 .
- Said keypad K is preferably composed of a plurality of cells C arranged in rows and columns, while any other type of arrangement might be used without departing from the present invention.
- the virtual keypad K comprises eight cells C, arranged in two rows and four columns to form a rectangular grid. It should be understood that the number and the arrangement of cells may differ, in a variant, from this illustrative example (e.g. a grid of four rows and three columns).
- the cells are devoid of any sign.
- each cell might be identified by a letter, a digit or an adapted character or the like.
- step S3 in order to both identify and authenticate, the user starts to enter his(her) personal access code by simultaneously touching the cells corresponding of the first combination (see Figure 4A ).
- a detector D of the terminal T is configured for detecting and identifying each combination of cells forming the access code.
- the corresponding touches on the keypad K should preferably be long enough.
- the cells of each combination can be concurrently touched during an adapted period of time (e.g. half-second).
- the selected cells might advantageously be shaded - at least during the touch - to let the user be aware of the cell selection.
- a tag 8 (e.g. a number) might be associated with each combination and displayed on the virtual keypad K as shown on Figures 4A to 4C (e.g. in a dedicated window of the keypad). This tag can indicate the order of a given combination amongst all the combinations of the access code.
- step S4 the user can have access to said given application (step S4) and, in case the user has already saved a personal profile, the latter might be automatically retrieved and loaded.
- the identification and authenticating might be used to replace the unlock mechanism present on the terminal T, so that a user can simultaneously unlock the terminal T and have his(her) profile and/or session directly loaded.
- a user can simultaneously be identified and authenticated in an easy way.
- the personal access code can comprise one or more fake combinations in addition to the N true combinations.
- Such fake combinations are advantageously inserted in the N true combinations of the personal access code.
- No predetermined cell is associated with a fake combination, so that the user can select any cells of the touchpad to perform the fake combination.
- a fake combination might be defined by the selection of predetermined cells.
- the user may know the position of these fake combinations within the N true combinations of the personal access code.
- the user does not even need to know the position of the fake combinations amongst the N true combinations of his(her) personal access code.
- the detector D of terminal T can identify the true combinations of cells amongst all the combinations of cells carried out by the user, for instance by comparing each combination with the N true combinations forming the personal access code.
- the last combination of the access code is preferably not a fake combination.
- the user only needs to memorize the N true combinations defining his(her) personal access code and the number of additional fake combinations.
- the number of cells defining a combination of the access code is at most equal to the number of cells of the displayed keypad K and is preferably at most equal to ten (which is the total number of fingers of a user).
- each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s).
- the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, or blocks may be executed in an alternative order, depending upon the functionality involved.
- aspects of the present principles can be embodied as a system, method or computer readable medium. Accordingly, aspects of the present principles can take the form of an entirely hardware embodiment, an entirely software embodiment (including firmware, resident software, micro-code, and so forth), or an embodiment combining software and hardware aspects that can all generally be referred to herein as a "circuit,” “module”, or “system.” Furthermore, aspects of the present principles can take the form of a computer readable storage medium. Any combination of one or more computer readable storage medium(s) may be utilized.
- a computer readable storage medium can take the form of a computer readable program product embodied in one or more computer readable medium(s) and having computer readable program code embodied thereon that is executable by a computer.
- a computer readable storage medium as used herein is considered a non-transitory storage medium given the inherent capability to store the information therein as well as the inherent capability to provide retrieval of the information therefrom.
- a computer readable storage medium can be, for example, but is not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any suitable combination of the foregoing.
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- User Interface Of Digital Computer (AREA)
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
EP13306617.5A EP2876571A1 (fr) | 2013-11-26 | 2013-11-26 | Procédé permettant d'authentifier un utilisateur en utilisant un code d'accès, terminal correspondant |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
EP13306617.5A EP2876571A1 (fr) | 2013-11-26 | 2013-11-26 | Procédé permettant d'authentifier un utilisateur en utilisant un code d'accès, terminal correspondant |
Publications (1)
Publication Number | Publication Date |
---|---|
EP2876571A1 true EP2876571A1 (fr) | 2015-05-27 |
Family
ID=49765430
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
EP13306617.5A Withdrawn EP2876571A1 (fr) | 2013-11-26 | 2013-11-26 | Procédé permettant d'authentifier un utilisateur en utilisant un code d'accès, terminal correspondant |
Country Status (1)
Country | Link |
---|---|
EP (1) | EP2876571A1 (fr) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN106570384A (zh) * | 2015-10-08 | 2017-04-19 | 阿里巴巴集团控股有限公司 | 一种身份核实方法及装置 |
Citations (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP1434123A1 (fr) * | 2001-08-29 | 2004-06-30 | Katsuzo Tanaka | Unite de saisie de caractere tres rapide de telephone portable |
US20080117188A1 (en) * | 2006-11-20 | 2008-05-22 | Hon Hai Precision Industry Co., Ltd. | Electronic devices having a touch screen and method for starting the electronic devices |
WO2008136551A1 (fr) * | 2007-05-02 | 2008-11-13 | Melfas, Inc. | Procédé et dispositif de réveil depuis le mode sommeil utilisant un panneau tactile pour appareil électronique |
US20100321304A1 (en) * | 2009-06-17 | 2010-12-23 | Broadcom Corporation | Graphical authentication for a portable device and methods for use therewith |
WO2011109643A1 (fr) * | 2010-03-03 | 2011-09-09 | Twitch Technologies Llc | Système de saisie matricielle au clavier |
EP2477103A1 (fr) * | 2009-09-07 | 2012-07-18 | Intsig Information Co., Ltd. | Procédé et système permettant de saisir des caractères multitactiles |
EP2482217A1 (fr) * | 2011-01-31 | 2012-08-01 | Research In Motion Limited | Dispositif électronique et son procédé de commande |
-
2013
- 2013-11-26 EP EP13306617.5A patent/EP2876571A1/fr not_active Withdrawn
Patent Citations (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP1434123A1 (fr) * | 2001-08-29 | 2004-06-30 | Katsuzo Tanaka | Unite de saisie de caractere tres rapide de telephone portable |
US20080117188A1 (en) * | 2006-11-20 | 2008-05-22 | Hon Hai Precision Industry Co., Ltd. | Electronic devices having a touch screen and method for starting the electronic devices |
WO2008136551A1 (fr) * | 2007-05-02 | 2008-11-13 | Melfas, Inc. | Procédé et dispositif de réveil depuis le mode sommeil utilisant un panneau tactile pour appareil électronique |
US20100321304A1 (en) * | 2009-06-17 | 2010-12-23 | Broadcom Corporation | Graphical authentication for a portable device and methods for use therewith |
EP2477103A1 (fr) * | 2009-09-07 | 2012-07-18 | Intsig Information Co., Ltd. | Procédé et système permettant de saisir des caractères multitactiles |
WO2011109643A1 (fr) * | 2010-03-03 | 2011-09-09 | Twitch Technologies Llc | Système de saisie matricielle au clavier |
EP2482217A1 (fr) * | 2011-01-31 | 2012-08-01 | Research In Motion Limited | Dispositif électronique et son procédé de commande |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN106570384A (zh) * | 2015-10-08 | 2017-04-19 | 阿里巴巴集团控股有限公司 | 一种身份核实方法及装置 |
CN106570384B (zh) * | 2015-10-08 | 2019-09-20 | 阿里巴巴集团控股有限公司 | 一种身份核实方法及装置 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US9276919B1 (en) | System and method for recognizing malicious credential guessing attacks | |
US20170140137A1 (en) | Multi-System Entering Method, Apparatus and Terminal | |
US9013424B2 (en) | Method for encoded input and control by fingerprint | |
EP3296907A1 (fr) | Procédé permettant un déverrouillage par empreinte digitale et terminal | |
US20100071060A1 (en) | Electronic device and method for verifying user identification | |
CN105354455B (zh) | 一种状态切换方法及电子设备 | |
CN111507146B (zh) | 指纹辨识装置与方法 | |
US10248231B2 (en) | Electronic device with fingerprint detection | |
CN105068733B (zh) | 一种终端解锁的方法及装置 | |
US9122852B2 (en) | Password input system and method for inputting password | |
CN105005724A (zh) | 一种基于密码的解锁屏方法及通讯终端 | |
KR20190005870A (ko) | 인증 방법 및 디바이스, 인증용 정보를 생성하기 위한 방법 및 디바이스 | |
US11687641B1 (en) | Graphical event-based password system | |
US20170249450A1 (en) | Device and Method for Authenticating a User | |
CN107239202B (zh) | 控制指令识别方法和装置 | |
KR101579038B1 (ko) | 보안 키패드 | |
EP2876571A1 (fr) | Procédé permettant d'authentifier un utilisateur en utilisant un code d'accès, terminal correspondant | |
CN105005729A (zh) | 一种基于图像的解锁屏方法及用户终端 | |
CN106845180A (zh) | 验证身份的方法、应用及计算设备 | |
EP3531335A1 (fr) | Procédé et appareil d'identification de code-barres | |
EP2905716A1 (fr) | Procédé de lancement d'une application identifiée par une icône, terminal correspondant. | |
CN110727639B (zh) | 碎片数据读取方法、电子设备、系统及介质 | |
KR20180127739A (ko) | 사용자 디바이스 및 이의 보안 패턴 제공 방법 | |
CN106709316B (zh) | 一种移动终端中的解锁方法和移动终端 | |
CN106156586B (zh) | 一种控制方法及电子设备 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PUAI | Public reference made under article 153(3) epc to a published international application that has entered the european phase |
Free format text: ORIGINAL CODE: 0009012 |
|
17P | Request for examination filed |
Effective date: 20131126 |
|
AK | Designated contracting states |
Kind code of ref document: A1 Designated state(s): AL AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MK MT NL NO PL PT RO RS SE SI SK SM TR |
|
AX | Request for extension of the european patent |
Extension state: BA ME |
|
STAA | Information on the status of an ep patent application or granted ep patent |
Free format text: STATUS: THE APPLICATION IS DEEMED TO BE WITHDRAWN |
|
18D | Application deemed to be withdrawn |
Effective date: 20151128 |